Internet Startup Security Checklist

April 20, 2014

I've been wanting to compile a checklist of basic precautions that could be useful to Internet startups (especially those in the SaaS space)
ever since the MongoHQ/Buffer security incident.
As evident by that incident, a security breach at a SaaS provider could have catastrophic ripple effects - your customer's customers data could be compromised!

TL;DR: The list basically boils down to using strong unique passwords, enabling multi-factor authentication (MFA) at third party providers
and moving as many things as possible behind a virtual private network (VPN).